package Action;

import java.io.IOException;
import java.io.PrintWriter;
import java.sql.*;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

public class UIDRecoveryServlet extends HttpServlet {
   
    protected void processRequest(HttpServletRequest request, HttpServletResponse response)
    throws ServletException, IOException {
        response.setContentType("text/html;charset=UTF-8");
        PrintWriter out = response.getWriter();
        try {
            out.println("<html>");
            out.println("<head>");
            out.println("  <title>Recover UID</title>");
            out.println("</head>");
            out.println("<body>");
            out.println("<h1>Recover UID</h1>");
            out.println("<form action='UIDRecovery' method='POST'>");
            out.println("<input type='hidden' name='action' value='recoveruid'/>");
            out.println("  <p>User name: <input type='text' name='j_username'/></p>");
            out.println("  <p>Password: <input type='password' name='j_password'/></p>");
            out.println("  <p><input type='submit' value='RecoveryUID' /></p>");
            out.println("</form>");
            out.println("</body>");
            out.println("</html>");
        } finally { 
            out.close();
        }
    } 

    // <editor-fold defaultstate="collapsed" desc="HttpServlet methods. Click on the + sign on the left to edit the code.">
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
    throws ServletException, IOException {
        processRequest(request, response);
        
    } 

    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
    throws ServletException, IOException {
        doAction(request,response);
    }

    @Override
    public String getServletInfo() {
        return "Short description";
    }// </editor-fold>

    private void doAction(HttpServletRequest request, HttpServletResponse response) 
            throws IOException {
        if (request.getParameter("action") != null &&
                "recoveruid".equals(request.getParameter("action"))) {
            String username = (String) request.getParameter("j_username");
            String password = (String) request.getParameter("j_password");
            try {
                Class.forName("com.microsoft.sqlserver.jdbc.SQLServerDriver");
                Connection con = DriverManager.getConnection("jdbc:sqlserver://w2ksa.cs.cityu.edu.hk:1433;databaseName=aiad048_db", "aiad048", "aiad048"); 
                String query = "SELECT b.UID FROM [Customers] AS a, [Login] AS b WHERE a.userName = ? AND b.password = ?";
                PreparedStatement pstmt = con.prepareStatement(query, ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY); 
                pstmt.setString(1, username);
                pstmt.setString(2, password);
                ResultSet rs = pstmt.executeQuery();
                
                if (rs != null && rs.next()) {
                    String UID = rs.getString(1);
                    HttpSession session = request.getSession();
                    session.setAttribute("recoveruid", UID);
                    response.sendRedirect("Login");
                }else {
                    response.setHeader("Refresh","0:URL=UIDRecovery");
                }
                
            } catch (SQLException ex) {
                Logger.getLogger(RecoveryServlet.class.getName()).log(Level.SEVERE, null, ex);
            } catch (ClassNotFoundException ex) {
                Logger.getLogger(RecoveryServlet.class.getName()).log(Level.SEVERE, null, ex);
            }
            
        }
    }

}
